Legal

Privacy Policy

Last updated: February 20, 2026

1. Overview

This Privacy Policy explains how LegisDex collects, uses, stores, and shares personal data when you use our website, apps, APIs, and related services (the "Service").

2. Information We Collect

  • Account data: name, email address, encrypted password, account role, authentication identifiers.
  • Profile data: profile image and email verification status.
  • Service content: prompts, chat history, message feedback, and uploaded/input content you submit.
  • Billing data: Stripe customer/subscription identifiers, plan and billing status (we do not store full card numbers).
  • Technical and usage data: IP address, request metadata, cookies/session tokens, device/browser details, analytics, and rate-limit/security logs.

3. How We Use Information

  • Provide, operate, and maintain the Service.
  • Authenticate users and protect account security.
  • Process payments, subscriptions, and billing actions.
  • Send transactional emails (verification, password reset).
  • Improve product quality, reliability, and performance.
  • Detect abuse, enforce policies, and comply with law.

4. Legal Bases (Where Applicable)

Depending on your location, we process personal data based on: performance of a contract, legitimate interests (such as security and service improvement), consent where required, and compliance with legal obligations.

5. Third-Party Service Providers

We use vetted service providers to run the platform, including:

  • Authentication and identity services (including NextAuth and Google OAuth when selected by you).
  • Payment processing and subscription billing (Stripe).
  • Email delivery (Resend).
  • Hosting, performance, and analytics tooling (Vercel services).
  • Database, cache, and rate-limiting infrastructure.
  • AI model providers used to generate responses.

We do not sell your personal information for money.

6. Cookies and Similar Technologies

We use cookies and similar mechanisms for authentication, session management, security, and analytics. You can control cookies through browser settings, but disabling certain cookies may limit Service functionality.

7. Data Retention

We retain personal data for as long as needed to provide the Service, maintain business and legal records, resolve disputes, enforce agreements, and meet legal obligations. Retention periods vary by data category and legal requirements.

8. Security

We apply technical and organizational security measures designed to protect personal data. No system is perfectly secure, so we cannot guarantee absolute security.

9. Your Rights and Choices

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, object to processing, or export your personal data, and to withdraw consent where processing relies on consent.

To request privacy rights, contact info@legisdex.com. We may need to verify your identity before processing requests.

10. International Data Transfers

Your data may be processed in countries other than your own. Where required, we use safeguards designed to protect transferred personal data in accordance with applicable law.

11. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided personal data, contact us so we can investigate and take appropriate action.

12. Policy Updates

We may update this Privacy Policy periodically. We will update the "Last updated" date and provide additional notice when changes are material.

13. Contact

For privacy-related questions or requests, contact info@legisdex.com.